Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Fix for 1 vulnerabilities #8

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

[Snyk] Fix for 1 vulnerabilities #8

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b13e656
fix: package.json & .snyk to reduce vulnerabilities
snyk-bot May 1, 2020
f44805b
fix: package.json & .snyk to reduce vulnerabilities
snyk-bot May 1, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
306 changes: 306 additions & 0 deletions .snyk
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,306 @@
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
version: v1.14.1
ignore: {}
# patches apply the minimum changes required to fix a vulnerability
patch:
SNYK-JS-LODASH-567746:
- lodash:
patched: '2020-05-01T03:53:27.363Z'
- async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- ipfs-http-client > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- ipfs-http-response > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-bootstrap > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-floodsub > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-kad-dht > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-mdns > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-secio > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-webrtc-star > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-websocket-star-multi > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- pull-mplex > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > latency-monitor > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- ipns > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-floodsub > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-kad-dht > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-keychain > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-secio > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- peer-info > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- ipfs-http-client > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- ipns > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- peer-book > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-bootstrap > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-peer-routing > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-kad-dht > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-mdns > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-secio > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-webrtc-star > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- ipld-ethereum > ethereumjs-block > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- ipld-ethereum > merkle-patricia-tree > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > multistream-select > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > multistream-select > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-content-routing > ipfs-http-client > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-peer-routing > ipfs-http-client > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-floodsub > libp2p-pubsub > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > libp2p-pubsub > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > libp2p-floodsub > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-kad-dht > libp2p-record > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-websocket-star-multi > libp2p-websocket-star > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- ipns > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-floodsub > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-kad-dht > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-keychain > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-secio > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- peer-info > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- ipfs-http-client > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- ipns > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- peer-book > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-bootstrap > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-peer-routing > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-kad-dht > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-mdns > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-secio > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-webrtc-star > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-floodsub > libp2p-pubsub > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > libp2p-pubsub > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > libp2p-floodsub > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-websocket-star-multi > libp2p-websocket-star > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- ipfs-http-client > peer-info > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- peer-book > peer-info > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > peer-info > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-bootstrap > peer-info > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > peer-info > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-kad-dht > peer-info > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-mdns > peer-info > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-secio > peer-info > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-webrtc-star > peer-info > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > peer-book > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-content-routing > ipfs-http-client > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-peer-routing > ipfs-http-client > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-websocket-star-multi > libp2p-websocket-star > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > libp2p-floodsub > libp2p-pubsub > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-floodsub > libp2p-pubsub > sinon > @sinonjs/samsam > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > libp2p-pubsub > sinon > @sinonjs/samsam > lodash:
patched: '2020-05-01T03:53:27.363Z'
- peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- ipfs-http-client > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- ipns > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- peer-book > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-bootstrap > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-peer-routing > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-kad-dht > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-mdns > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-secio > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-webrtc-star > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-floodsub > libp2p-pubsub > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > libp2p-pubsub > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > libp2p-floodsub > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-websocket-star-multi > libp2p-websocket-star > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- ipfs-http-client > peer-info > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- peer-book > peer-info > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > peer-info > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-bootstrap > peer-info > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > peer-info > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-kad-dht > peer-info > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-mdns > peer-info > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-secio > peer-info > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-webrtc-star > peer-info > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > peer-book > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-content-routing > ipfs-http-client > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-peer-routing > ipfs-http-client > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-websocket-star-multi > libp2p-websocket-star > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > libp2p-floodsub > libp2p-pubsub > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > peer-book > peer-info > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-content-routing > ipfs-http-client > peer-info > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-peer-routing > ipfs-http-client > peer-info > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-websocket-star-multi > libp2p-websocket-star > peer-info > peer-id > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-floodsub > libp2p-pubsub > sinon > @sinonjs/formatio > @sinonjs/samsam > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > libp2p-pubsub > sinon > @sinonjs/formatio > @sinonjs/samsam > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > libp2p-floodsub > libp2p-pubsub > sinon > @sinonjs/samsam > lodash:
patched: '2020-05-01T03:53:27.363Z'
- ipfs-http-client > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- peer-book > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-bootstrap > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-kad-dht > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-mdns > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-secio > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-webrtc-star > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > peer-book > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-content-routing > ipfs-http-client > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-peer-routing > ipfs-http-client > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-websocket-star-multi > libp2p-websocket-star > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > libp2p-floodsub > libp2p-pubsub > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > peer-book > peer-info > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-content-routing > ipfs-http-client > peer-info > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-peer-routing > ipfs-http-client > peer-info > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-websocket-star-multi > libp2p-websocket-star > peer-info > peer-id > libp2p-crypto > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-floodsub > libp2p-pubsub > sinon > nise > @sinonjs/formatio > @sinonjs/samsam > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > libp2p-pubsub > sinon > nise > @sinonjs/formatio > @sinonjs/samsam > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > libp2p-floodsub > libp2p-pubsub > sinon > @sinonjs/formatio > @sinonjs/samsam > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p > peer-book > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-content-routing > ipfs-http-client > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-delegated-peer-routing > ipfs-http-client > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-websocket-star-multi > libp2p-websocket-star > peer-info > peer-id > libp2p-crypto > libp2p-crypto-secp256k1 > async > lodash:
patched: '2020-05-01T03:53:27.363Z'
- libp2p-gossipsub > libp2p-floodsub > libp2p-pubsub > sinon > nise > @sinonjs/formatio > @sinonjs/samsam > lodash:
patched: '2020-05-01T03:53:27.363Z'
10 changes: 7 additions & 3 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,9 @@
"benchmark:browser": "echo \"Error: no benchmarks yet\" && exit 1",
"release": "aegir release -t node -t browser",
"release-minor": "aegir release --type minor -t node -t browser",
"release-major": "aegir release --type major -t node -t browser"
"release-major": "aegir release --type major -t node -t browser",
"snyk-protect": "snyk protect",
"prepublish": "npm run snyk-protect"
},
"dependencies": {
"@hapi/ammo": "^3.1.1",
Expand Down Expand Up @@ -190,7 +192,8 @@
"uri-to-multiaddr": "^3.0.1",
"varint": "^5.0.0",
"yargs": "^14.0.0",
"yargs-promise": "^1.1.0"
"yargs-promise": "^1.1.0",
"snyk": "^1.316.1"
},
"devDependencies": {
"aegir": "^20.3.1",
Expand Down Expand Up @@ -352,5 +355,6 @@
"victorbjelkholm <victorbjelkholm@gmail.com>",
"Łukasz Magiera <magik6k@users.noreply.github.com>",
"Максим Ильин <negamaxi@gmail.com>"
]
],
"snyk": true
}